
CISSP Mindmap-Domain 5: Identity and Access Management

An Interactive CISSP Mindmap Series

CISSP Mindmap – Domain 05

A comprehensive CISSP Mindmap Series will include all 8 Domains. This collection is designed to equip prospective CISSP professionals with essential resources for exam preparation, training and reference.


Domain_05: Key Terms & Definitions

  • Identity Management – The process of identifying, tracking, and managing the digital identities of users to control access to corporate resources. Identity management systems provide tools for creating, modifying, and deleting user identities.
  • Access Management – The techniques and processes that control and manage access to resources, ensuring that users have the appropriate permissions to perform certain tasks.
  • Authentication – The process of verifying the identity of a user, device, or other entity in a computer system, typically as a prerequisite to granting access to resources in the system.
  • Authorization – The process of determining if a particular user, program, or device has the right to carry out a certain activity, such as accessing a specific file or network, after authentication has been successful.
  • Single Sign-On (SSO) – A user authentication process that permits a user to enter one name and password in order to access multiple applications. It eliminates the need for multiple passwords and simplifies the user’s experience.
  • Multifactor Authentication (MFA) – A security mechanism that requires more than one method of authentication from independent categories of credentials to verify the user’s identity for a login or other transaction.
  • Role-Based Access Control (RBAC) – A method of regulating access to computer or network resources based on the roles of individual users within an enterprise. Users are assigned roles, and through those roles, they gain permissions to perform certain actions.
  • Access Control List (ACL) – A table that tells a computer operating system which access rights each user or device has to a particular system object, such as a file directory or individual file.
  • Identity Federation – A system of trust between different organizations that allows for the sharing of identity information across multiple IT systems or applications. Federation enables users to use the same identification data to obtain access to the networks of all enterprises in the group.
  • Privileged Access Management (PAM) – The monitoring and protection of accounts and processes that have elevated (or privileged) access or permissions to critical and sensitive systems within an IT environment.
  • User and Entity Behavior Analytics (UEBA) – Security solutions that analyze the behaviors of users and entities (systems, devices, etc.) within an environment to detect anomalies or deviations that could indicate potential security threats.
  • Credential Stuffing – A type of cyberattack where stolen account credentials, typically consisting of lists of usernames and/or email addresses and the corresponding passwords, are used to gain unauthorized access to user accounts through large-scale automated login requests directed against a web application.
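The definitions of Authorization, RBAC and ACL above describe three ideas that only make sense together: a check happens after authentication, roles grant permissions globally, and an ACL attaches rights to one object. The following is an added example, not code from the mindmap page or its referenced books, showing a deny-by-default authorization check that combines RBAC with a per-object ACL in which an explicit deny overrides any grant. The role table, users and resource are constructed sample data; the `effective_rights` helper is a hypothetical name chosen here because it is also what an access review wants to see (what a user can actually do, not just what was granted).

```python
"""Added example (not from the mindmap page): a minimal deny-by-default
authorization check that combines role-based access control (RBAC) with
per-object access control lists (ACLs). All users, roles, resources and
the role->permission table are constructed sample data."""
from dataclasses import dataclass, field

# RBAC: each role maps to the permissions it grants on any resource (constructed).
ROLE_PERMISSIONS = {
    "reader": {"read"},
    "editor": {"read", "write"},
    "admin": {"read", "write", "delete", "grant"},
}


@dataclass
class Session:
    """An authenticated subject: who they are and which roles they hold."""
    user: str
    roles: set
    authenticated: bool = True


@dataclass
class Resource:
    """A protected object with an ACL. ACL principals are user names or
    'role:<name>' strings; a deny entry always wins over any allow."""
    name: str
    allow: dict = field(default_factory=dict)  # principal -> set of rights
    deny: dict = field(default_factory=dict)   # principal -> set of rights


def _principals(session):
    """Every principal name the ACL may refer to for this subject."""
    return {session.user} | {f"role:{r}" for r in session.roles}


def effective_rights(session, resource):
    """Rights the subject actually holds on this object: role-derived
    permissions plus ACL allows, minus any ACL denies. This is the view an
    access review needs, because it shows what a user can do, not what was granted."""
    granted = set()
    for role in session.roles:
        granted |= ROLE_PERMISSIONS.get(role, set())
    for p in _principals(session):
        granted |= set(resource.allow.get(p, ()))
    denied = set()
    for p in _principals(session):
        denied |= set(resource.deny.get(p, ()))
    return granted - denied


def is_authorized(session, resource, action):
    """Authorization is only meaningful after authentication; everything not
    explicitly granted is denied."""
    if not session.authenticated:
        return False
    return action in effective_rights(session, resource)


if __name__ == "__main__":
    alice = Session("alice", {"editor"})
    payroll = Resource("payroll.xlsx", allow={"alice": {"read"}},
                       deny={"role:editor": {"write"}})
    print(sorted(effective_rights(alice, payroll)))  # ['read']
    print(is_authorized(alice, payroll, "write"))      # False: deny beats role grant
```

The deny-wins rule is the detail worth noticing: alice's editor role would normally grant `write` everywhere, but the object-level ACL on the payroll file removes it, which is how a per-object ACL narrows a broad role without redesigning the role model.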

Domain_05: Key Areas

Control Access to Assets:

  • Understand and apply the fundamental concepts of access control systems and methodologies.
  • Manage identification and authentication of people, devices, and services.
  • Integrate identity as a third-party service (e.g., on-premise, cloud, and hybrid).
  • Implement and manage authorization mechanisms.
  • Manage the identity and access provisioning lifecycle (e.g., provisioning, review, revocation).

Identification and Authentication:

  • Understand and implement various forms of user authentication, from passwords and tokens to biometrics and multifactor authentication (MFA).
  • Address the strengths and weaknesses of different authentication methods and strategies for their deployment.

Access Control Systems and Methodology:

  • Delve into the principles of access control systems, including discretionary access control (DAC), mandatory access control (MAC), and role-based access control (RBAC).
  • Explore how these methodologies are applied in real-world scenarios to protect information and systems.

Single Sign-On (SSO) and Session Management:

  • Examine the concepts and applications of SSO, including federated identity management.
  • Understand the technologies and protocols that support SSO, such as SAML, OpenID Connect, and OAuth.
  • Manage user sessions to ensure secure access and use of resources over time.

Accountability, Monitoring, and Reporting Access:

  • Implement logging and monitoring mechanisms to track user activities and detect potential security incidents.
  • Understand the importance of audit logs and accountability in tracing access and actions within systems.
  • Utilize access review and reporting tools to comply with policies, standards, and regulations.
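The logging and monitoring bullets above, together with the Credential Stuffing definition in the key terms, are best understood with a concrete detector. What follows is an added example, not code from the mindmap page or its sources: it parses constructed authentication log lines in a simple `timestamp user source result` layout and flags any source that touches many distinct accounts within a short window with a high failure ratio, which is the audit-log signature of large-scale automated login attempts. The log format, IP addresses and thresholds are assumptions made here; a real deployment would read the same fields from its own authentication logs.

```python
"""Added example (not from the mindmap page): detection logic for the
credential-stuffing pattern, many distinct accounts attempted from one source
in a short window, run over constructed authentication log lines."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: "<ISO timestamp> <username> <source IP> <result>".
# 203.0.113.10 walks through six accounts in four seconds (stuffing pattern);
# 198.51.100.7 is one user mistyping their own password; 192.0.2.44 is noise.
SAMPLE_LOG = """\
2024-03-01T10:00:01 alice 203.0.113.10 FAIL
2024-03-01T10:00:02 bob 203.0.113.10 FAIL
2024-03-01T10:00:02 carol 203.0.113.10 FAIL
2024-03-01T10:00:03 dave 203.0.113.10 FAIL
2024-03-01T10:00:03 erin 203.0.113.10 FAIL
2024-03-01T10:00:04 frank 203.0.113.10 SUCCESS
2024-03-01T10:00:05 alice 198.51.100.7 FAIL
2024-03-01T10:00:20 alice 198.51.100.7 SUCCESS
2024-03-01T10:05:00 grace 192.0.2.44 FAIL
"""


def parse_log(text):
    """Turn raw lines into (timestamp, user, source, result) tuples, skipping
    blank or malformed lines rather than crashing the detector on them."""
    events = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        ts, user, src, result = parts
        events.append((datetime.fromisoformat(ts), user, src, result))
    return events


def detect_credential_stuffing(events, window=timedelta(minutes=5),
                               min_users=5, min_fail_ratio=0.8):
    """Flag sources that, within any sliding window, touch at least min_users
    distinct accounts with a failure ratio of at least min_fail_ratio.
    Returns {source: (distinct_users, attempts, fail_ratio)} for the window
    with the most distinct accounts. The distinct-account test is what
    separates stuffing from one user repeatedly failing on their own account."""
    by_source = defaultdict(list)
    for ts, user, src, result in sorted(events):
        by_source[src].append((ts, user, result))

    flagged = {}
    for src, evs in by_source.items():
        start = 0
        for end in range(len(evs)):
            # Advance the window start so that evs[start:end+1] spans <= window.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            current = evs[start:end + 1]
            users = {u for _, u, _ in current}
            fails = sum(1 for _, _, r in current if r == "FAIL")
            ratio = fails / len(current)
            if len(users) >= min_users and ratio >= min_fail_ratio:
                if src not in flagged or len(users) > flagged[src][0]:
                    flagged[src] = (len(users), len(current), round(ratio, 2))
    return flagged


if __name__ == "__main__":
    hits = detect_credential_stuffing(parse_log(SAMPLE_LOG))
    for src, (users, attempts, ratio) in hits.items():
        print(f"{src}: {users} accounts, {attempts} attempts, fail ratio {ratio}")
```

Two design points carry over to real monitoring: the detector keys on distinct accounts per source rather than on failures per account, so a legitimate user who mistypes a password is not flagged, and the one successful login inside the flagged burst is exactly the event an incident responder wants surfaced, since it marks an account whose credential was valid on a stolen list.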

Identity as a Service (IDaaS):

  • Explore the use of cloud-based services for identity management, including considerations for security, privacy, and compliance.
  • Understand the integration of on-premise IAM with cloud-based services, addressing challenges and benefits.

Third-Party Identity Services:

  • Manage risks and security considerations when integrating third-party identity services into an organization’s IAM framework.
  • Address the complexities of federated identities across different domains and services.

Provisioning and De-provisioning of Resources:

  • Understand the lifecycle of identity and access management, from the initial provisioning of access to resources to the de-provisioning or revocation of that access.
  • Implement processes and controls to ensure timely and accurate management of access rights as roles and relationships change.


Resources

  • (ISC)2 CISSP Official Study Guide (OSG), 9th Edition, by Mike Chapple, James Michael Stewart, and Darril Gibson
    • Chapters 13–14, pp. 637–718
  • CISSP All-in-One Exam Guide, 9th Edition, by Fernando Maymi and Shon Harris
    • Part V, pp. 715–808
  • Eleventh Hour CISSP® Study Guide, 3rd Edition, by Eric Conrad, Seth Misenar, and Joshua Feldman
    • Domain 05, pp. 117–133
  • Destination Certification – A Concise Guide, by Rob Witcher, John Berti, Lou Hablas, and Nick Mitropoulos
    • Domain 05, pp. 315–349
  • The Official (ISC)2 CISSP CBK Reference, 6th Edition, by Arthur Deane and Aaron Kraus
    • Domain 05, pp. 377–418


Credits & Disclaimer

We express our gratitude to the below-mentioned authors, creators, and sources, which have been referred to for the creation of our Interactive CISSP Mindmap: Mike Chapple and David Seidl (OSG), Luke Ahmed (SNT), Pete Zerger (Exam Cram), Prashant Mohan (Memory Palace), Prabh (Coffee shots), Rob Witcher (destcert.com/) and M. Waleed Khaliq (CISSP Concepts Guide). This Mindmap has been meticulously created to ensure that information is shared effectively. It aims to offer a thorough grasp of essential concepts with a dedication to assisting enhanced learning experiences. We hope that this resource helps people absorb information more thoroughly, leading to a broader understanding of each CISSP domain, and it is freely available to all.

Contribution

We have already included some reference images and short notes for most of the topics so that users can more effectively refer to the content in the mindmap. If you have any information, images, or notes that can make the mindmap more effective, please feel free to share them.

https://github.com/sajinshivdas/CISSP_Interactive_Mindmap/tree/main/CISSP_Domain_05

For issues and concerns, please feel free to raise an issue on GitHub: https://github.com/sajinshivdas/CISSP_Interactive_Mindmap/issues

Connect with me: www.linkedin.com/in/sajin-shivdas